Australia is shifting to a more aggressive cybersecurity stance, with Prime Minister Scott Morrison making the government’s largest-ever investment in cybersecurity in the form of a $1.4 billion package that includes measures explicitly designed to proactively target offshore cyber criminal actors.
The newly announced Cyber Enhanced Situational Awareness and Response (CESAR) package has been formulated “to boost protection and cyber resilience for all Australians, from individuals and small businesses through to the providers of critical services,” the government said in releasing details of its ten-year plan.
How the $1.4 billion in cybersecurity funds will be spent
The CESAR plan includes more than $31 million to help the Australian Signals Directorate (ASD)—the government’s military-intelligence and surveillance agency—“disrupt cybercrime offshore”, Morrison said, “taking the fight to foreign criminals that seek to target Australians” and supporting cybercrime efforts at all levels of government.
It will also spend $35 million developing a new threat-sharing platform—designed to facilitate the “near real time” sharing of information about emerging threats between industry and government.
The funding also includes $12 million towards “new strategic mitigations and active disruption options” such as allowing telecommunications companies to block malicious websites and emerging viruses “at speed”—suggesting the imposition of a low-level filter that could choke new attacks nationwide before they spread.
Morrison’s package also includes a range of initiatives to support R&D and education into cybersecurity issues, with $118 million to support better data science and intelligence capabilities and $62 million for a “national situational awareness capability” that will help the ASD deliver “tailored advice and assistance” about mitigating cyber threats.
It will also commit $20 million on research facilities “to better understand threats to emerging technology” so the ASD can provide “timely and authoritative advice” to help organisations adopt new technologies securely.
A $470 million investment will support the creation of more than 500 new jobs inside the ASD—expanding the 1,775-employee agency by a third—in a move that Minister for Defence Linda Reynolds said would “put our nation on the front foot in combating cyber threats”, and would complement the agency’s $15 billion investment in cyber and information warfare capabilities.
Sceptism as to whether ASD can use the cybersecurity money well
The funding was welcomed by industry, but not everyone was entirely convinced of the value of pouring more money into the existing bureaucracy. “Giving ASD more money for cyber is like flushing it down the toilet,” said one government supplier who has experience engaging with the ASD and warned about the “wastefulness of giving so much money to them”. Past experiences working with the ASD, he said, suggest “an organisation that won’t be able to execute at the level it needs to or with the right degree of agility.”
Others were equally sceptical about the ability of increased ASD funding to trickle down to everyday businesses. “What we need to see in the ‘new strategy’ is some funding to help Australian businesses bolster their security,” WatchGuard Technologies ANZ regional director Mark Sinclair said, calling for direct government assistance to help businesses bolster their own cyber defences.
“Unfortunately, many businesses are struggling in these economic conditions and can’t afford to purchase adequate cybersecurity solutions,” he said. “Businesses are under attack and there is only so much that can be done from a bunker in Canberra. The battle needs to be fought on the front line.”
Australia’s awakening to cyber threats
Australia’s cyber warfare capabilities were largely a matter of speculation until 2016, when then-Prime Minister Malcolm Turnbull allocated a swathe of cybersecurity funding and a tacit admission, on the back of a major breach of the Bureau of Meteorology attributed to China, that Australia does indeed have offensive cyber capabilities.
The government’s formal cybersecurity Strategy was launched in 2016, but its pending update this year comes amidst a climate of unprecedented pressure from malicious cyber actors, which culminated in Morrison’s surprise 19 June announcement that the country was being targeted by malicious nation-state actors.